Closed
Bug 23007
Opened 25 years ago
Closed 25 years ago
incorrect URL crash browser (malformed TABLE elements)
Categories
(Core :: Layout: Tables, defect, P3)
Tracking
()
People
(Reporter: mkl_mozilla, Assigned: harishd)
References
()
Details
Attached html code crash browser M12 on Linux and also on Windows 95. <HTML><HEAD><TITLE>I will crash you!!!</TITLE></HEAD> <BODY> <TABLE border=1><TBODY> <TR><TD><CENTER> <TABLE border=1><TBODY> <TR><TH>TEXT</TH><TD>some text</TD></TR> </TD></TR>here must be something</CENTER></TD> </TBODY> </TABLE> </TD></TR> </TBODY></TABLE> </BODY> </HTML> crash message from windows Aplikace MOZILLA zpùsobila neplatnost stránky v modulu GKHTML.DLL na adrese 014f:601c3785. Registry: EAX=01168d5c CS=014f EIP=601c3785 EFLGS=00010296 EBX=01159400 SS=0157 ESP=0063f674 EBP=0063f6a0 ECX=00000000 DS=0157 ESI=01163240 FS=11c7 EDX=00000000 ES=0157 EDI=00000000 GS=0000 Bajty v CS:EIP: 8b 07 89 4d f0 ff 90 a8 00 00 00 8b 4e 18 8b 56 Výpis zásobníku: 00000000 00000000 01163bc0 01159400 601c3b49 010b47d8 00000071 00000013 00000003 007246c8 00000000 0063f6e8 601c51cd 01163bc0 01163bc0 602b8060
Updated•25 years ago
|
Assignee: nobody → karnaze
URL: http://netmag.cz → http://netmag.cz
Severity: major → critical
Component: Browser-General → HTMLTables
Summary: incorrect URL crash browser → incorrect URL crash browser (malformed TABLE elements)
Comment 1•25 years ago
|
||
kluka@centrum.cz : Thanks for the excellent test case! This also 2000010308 win95. Passing to karnaze/HTMLTables (although perhaps it's Parser that needs to eject the gunk from the table).
Updated•25 years ago
|
Assignee: karnaze → harishd
Comment 2•25 years ago
|
||
Reassigning to Harish based on the stack. SinkContext::CloseContainer(const nsIParserNode & {...}) line 1247 + 3 bytes HTMLContentSink::CloseContainer(HTMLContentSink * const 0x01b3fbd0, const nsIParserNode & {...}) line 2777 + 15 bytes CNavDTD::CloseContainer(const nsIParserNode * 0x01b34940, nsHTMLTag eHTMLTag_td, int 0) line 2972 + 31 bytes CNavDTD::CloseContainersTo(int 5, nsHTMLTag eHTMLTag_td, int 0) line 3008 + 20 bytes CNavDTD::CloseContainersTo(nsHTMLTag eHTMLTag_td, int 0) line 3160 + 20 bytes CNavDTD::HandleEndToken(CToken * 0x01b170d0) line 1657 + 20 bytes CNavDTD::HandleToken(CNavDTD * const 0x01b13200, CToken * 0x01b170d0, nsIParser * 0x01b3fda0) line 804 + 12 bytes CNavDTD::HandleSavedTokens(int 6) line 1729 + 23 bytes CNavDTD::HandleOmittedTag(CToken * 0x01b172f0, nsHTMLTag eHTMLTag_text, nsHTMLTag eHTMLTag_tbody, nsIParserNode * 0x01b34250) line 1307 + 12 bytes CNavDTD::HandleDefaultStartToken(CToken * 0x01b172f0, nsHTMLTag eHTMLTag_text, nsIParserNode * 0x01b34250) line 1055 + 24 bytes CNavDTD::HandleStartToken(CToken * 0x01b172f0) line 1423 + 22 bytes CNavDTD::HandleToken(CNavDTD * const 0x01b13200, CToken * 0x01b172f0, nsIParser * 0x01b3fda0) line 801 + 12 bytes CNavDTD::BuildModel(CNavDTD * const 0x01b13200, nsIParser * 0x01b3fda0, nsITokenizer * 0x01b13180, nsITokenObserver * 0x00000000, nsIContentSink * 0x01b3fbd0) line 568 + 20 bytes nsParser::BuildModel() line 1039 + 34 bytes nsParser::ResumeParse(nsIDTD * 0x00000000, int 0) line 963 + 11 bytes nsParser::OnDataAvailable(nsParser * const 0x01b3fda4, nsIChannel * 0x01b3cea0, nsISupports * 0x00000000, nsIInputStream * 0x01b3c928, unsigned int 0, unsigned int 397) line 1333 + 19 bytes nsDocumentOpenInfo::OnDataAvailable(nsDocumentOpenInfo * const 0x01b3c2c0, nsIChannel * 0x01b3cea0, nsISupports * 0x00000000, nsIInputStream * 0x01b3c928, unsigned int 0, unsigned int 397) line 232 + 46 bytes nsFileChannel::OnDataAvailable(nsFileChannel * const 0x01b3cea4, nsIChannel * 0x01b3cd00, nsISupports * 0x00000000, nsIInputStream * 0x01b3c928, unsigned int 0, unsigned int 397) line 510 + 49 bytes nsOnDataAvailableEvent::HandleEvent(nsOnDataAvailableEvent * const 0x01b38360) line 370 nsStreamListenerEvent::HandlePLEvent(PLEvent * 0x01b3c8d0) line 93 + 12 bytes PL_HandleEvent(PLEvent * 0x01b3c8d0) line 522 + 10 bytes PL_ProcessPendingEvents(PLEventQueue * 0x00c7e340) line 483 + 9 bytes _md_EventReceiverProc(HWND__ * 0x00010496, unsigned int 49301, unsigned int 0, long 13099840) line 951 + 9 bytes USER32! DispatchMessageWorker@8 + 135 bytes USER32! DispatchMessageA@4 + 11 bytes nsNativeViewerApp::Run() line 76 main(int 1, char * * 0x00be15c0) line 137 + 11 bytes mainCRTStartup() line 338 + 17 bytes
Status: NEW → RESOLVED
Closed: 25 years ago
Resolution: --- → DUPLICATE
Thanks for the test case. *** This bug has been marked as a duplicate of 20797 ***
You need to log in
before you can comment on or make changes to this bug.
Description
•